@blackcode_sa/metaestetics-api 1.15.17-staging.8 → 1.15.17-staging.9

package/dist/index.d.mts

@@ -10282,14 +10282,25 @@ declare const getFirebaseFunctions: () => Promise<Functions>;
  * what a given role (owner/admin/receptionist/assistant) can do.
  * New roles can be added by extending the ClinicRole enum and adding
  * a corresponding entry here.
+ *
+ * v2 (2026-03-31): Expanded from 23 to 40 permissions.
+ *   - providers.manage → providers.create, providers.invite, providers.edit
+ *   - staff.manage → staff.view, staff.edit, staff.invite, staff.delete, staff.viewTokens, staff.deleteTokens
+ *   - Added: clinic.create, calendar.addEvent, calendar.editEvent, calendar.deleteEvent,
+ *     appointments.reschedule, patients.viewDetails, patients.create, patients.manageTokens, billing.view
  */
 declare const PERMISSION_KEYS: {
     readonly 'clinic.view': true;
     readonly 'clinic.edit': true;
+    readonly 'clinic.create': true;
     readonly 'reviews.view': true;
     readonly 'calendar.view': true;
+    readonly 'calendar.addEvent': true;
+    readonly 'calendar.editEvent': true;
+    readonly 'calendar.deleteEvent': true;
     readonly 'appointments.view': true;
     readonly 'appointments.confirm': true;
+    readonly 'appointments.reschedule': true;
     readonly 'appointments.cancel': true;
     readonly messaging: true;
     readonly 'procedures.view': true;
@@ -10301,12 +10312,23 @@ declare const PERMISSION_KEYS: {
     readonly 'resources.edit': true;
     readonly 'resources.delete': true;
     readonly 'patients.view': true;
+    readonly 'patients.viewDetails': true;
+    readonly 'patients.create': true;
     readonly 'patients.edit': true;
+    readonly 'patients.manageTokens': true;
     readonly 'providers.view': true;
-    readonly 'providers.manage': true;
+    readonly 'providers.create': true;
+    readonly 'providers.invite': true;
+    readonly 'providers.edit': true;
     readonly 'analytics.view': true;
-    readonly 'staff.manage': true;
+    readonly 'staff.view': true;
+    readonly 'staff.edit': true;
+    readonly 'staff.invite': true;
+    readonly 'staff.delete': true;
+    readonly 'staff.viewTokens': true;
+    readonly 'staff.deleteTokens': true;
     readonly 'settings.manage': true;
+    readonly 'billing.view': true;
     readonly 'billing.manage': true;
 };
 type PermissionKey = keyof typeof PERMISSION_KEYS;
@@ -10348,7 +10370,7 @@ declare const PERMISSION_LABELS: Record<string, {
     category: string;
 }>;
 /** All unique permission categories in display order. */
-declare const PERMISSION_CATEGORIES: readonly ["Clinic", "Calendar", "Appointments", "Messaging", "Procedures", "Resources", "Patients", "Providers", "Analytics", "Administration"];
+declare const PERMISSION_CATEGORIES: readonly ["Clinic", "Calendar", "Appointments", "Messaging", "Procedures", "Resources", "Patients", "Providers", "Analytics", "Staff Management", "Administration"];
 /**
  * Resolves the effective tier for a subscription model string.
  */

package/dist/index.d.ts

@@ -10282,14 +10282,25 @@ declare const getFirebaseFunctions: () => Promise<Functions>;
  * what a given role (owner/admin/receptionist/assistant) can do.
  * New roles can be added by extending the ClinicRole enum and adding
  * a corresponding entry here.
+ *
+ * v2 (2026-03-31): Expanded from 23 to 40 permissions.
+ *   - providers.manage → providers.create, providers.invite, providers.edit
+ *   - staff.manage → staff.view, staff.edit, staff.invite, staff.delete, staff.viewTokens, staff.deleteTokens
+ *   - Added: clinic.create, calendar.addEvent, calendar.editEvent, calendar.deleteEvent,
+ *     appointments.reschedule, patients.viewDetails, patients.create, patients.manageTokens, billing.view
  */
 declare const PERMISSION_KEYS: {
     readonly 'clinic.view': true;
     readonly 'clinic.edit': true;
+    readonly 'clinic.create': true;
     readonly 'reviews.view': true;
     readonly 'calendar.view': true;
+    readonly 'calendar.addEvent': true;
+    readonly 'calendar.editEvent': true;
+    readonly 'calendar.deleteEvent': true;
     readonly 'appointments.view': true;
     readonly 'appointments.confirm': true;
+    readonly 'appointments.reschedule': true;
     readonly 'appointments.cancel': true;
     readonly messaging: true;
     readonly 'procedures.view': true;
@@ -10301,12 +10312,23 @@ declare const PERMISSION_KEYS: {
     readonly 'resources.edit': true;
     readonly 'resources.delete': true;
     readonly 'patients.view': true;
+    readonly 'patients.viewDetails': true;
+    readonly 'patients.create': true;
     readonly 'patients.edit': true;
+    readonly 'patients.manageTokens': true;
     readonly 'providers.view': true;
-    readonly 'providers.manage': true;
+    readonly 'providers.create': true;
+    readonly 'providers.invite': true;
+    readonly 'providers.edit': true;
     readonly 'analytics.view': true;
-    readonly 'staff.manage': true;
+    readonly 'staff.view': true;
+    readonly 'staff.edit': true;
+    readonly 'staff.invite': true;
+    readonly 'staff.delete': true;
+    readonly 'staff.viewTokens': true;
+    readonly 'staff.deleteTokens': true;
     readonly 'settings.manage': true;
+    readonly 'billing.view': true;
     readonly 'billing.manage': true;
 };
 type PermissionKey = keyof typeof PERMISSION_KEYS;
@@ -10348,7 +10370,7 @@ declare const PERMISSION_LABELS: Record<string, {
     category: string;
 }>;
 /** All unique permission categories in display order. */
-declare const PERMISSION_CATEGORIES: readonly ["Clinic", "Calendar", "Appointments", "Messaging", "Procedures", "Resources", "Patients", "Providers", "Analytics", "Administration"];
+declare const PERMISSION_CATEGORIES: readonly ["Clinic", "Calendar", "Appointments", "Messaging", "Procedures", "Resources", "Patients", "Providers", "Analytics", "Staff Management", "Administration"];
 /**
  * Resolves the effective tier for a subscription model string.
  */

package/dist/index.js

@@ -12751,14 +12751,20 @@ var import_firestore36 = require("firebase/firestore");
 
 // src/config/tiers.config.ts
 var PERMISSION_KEYS = {
-  // Listing & profile
+  // Clinic
   "clinic.view": true,
   "clinic.edit": true,
+  "clinic.create": true,
   "reviews.view": true,
-  // Calendar & Appointments
+  // Calendar
   "calendar.view": true,
+  "calendar.addEvent": true,
+  "calendar.editEvent": true,
+  "calendar.deleteEvent": true,
+  // Appointments
   "appointments.view": true,
   "appointments.confirm": true,
+  "appointments.reschedule": true,
   "appointments.cancel": true,
   // Messaging
   "messaging": true,
@@ -12774,16 +12780,27 @@ var PERMISSION_KEYS = {
   "resources.delete": true,
   // Patients
   "patients.view": true,
+  "patients.viewDetails": true,
+  "patients.create": true,
   "patients.edit": true,
+  "patients.manageTokens": true,
   // Providers (doctors, nurses, laser assistants, etc.)
   "providers.view": true,
-  "providers.manage": true,
+  "providers.create": true,
+  "providers.invite": true,
+  "providers.edit": true,
   // Analytics
   "analytics.view": true,
   // Staff management
-  "staff.manage": true,
+  "staff.view": true,
+  "staff.edit": true,
+  "staff.invite": true,
+  "staff.delete": true,
+  "staff.viewTokens": true,
+  "staff.deleteTokens": true,
   // Settings / Admin
   "settings.manage": true,
+  "billing.view": true,
   "billing.manage": true
 };
 var TIER_CONFIG = {
@@ -12819,10 +12836,15 @@ var DEFAULT_ROLE_PERMISSIONS = {
   ["owner" /* OWNER */]: {
     "clinic.view": true,
     "clinic.edit": true,
+    "clinic.create": true,
     "reviews.view": true,
     "calendar.view": true,
+    "calendar.addEvent": true,
+    "calendar.editEvent": true,
+    "calendar.deleteEvent": true,
     "appointments.view": true,
     "appointments.confirm": true,
+    "appointments.reschedule": true,
     "appointments.cancel": true,
     "messaging": true,
     "procedures.view": true,
@@ -12834,21 +12856,37 @@ var DEFAULT_ROLE_PERMISSIONS = {
     "resources.edit": true,
     "resources.delete": true,
     "patients.view": true,
+    "patients.viewDetails": true,
+    "patients.create": true,
     "patients.edit": true,
+    "patients.manageTokens": true,
     "providers.view": true,
-    "providers.manage": true,
+    "providers.create": true,
+    "providers.invite": true,
+    "providers.edit": true,
     "analytics.view": true,
-    "staff.manage": true,
+    "staff.view": true,
+    "staff.edit": true,
+    "staff.invite": true,
+    "staff.delete": true,
+    "staff.viewTokens": true,
+    "staff.deleteTokens": true,
     "settings.manage": true,
+    "billing.view": true,
     "billing.manage": true
   },
   ["admin" /* ADMIN */]: {
     "clinic.view": true,
     "clinic.edit": true,
+    "clinic.create": false,
     "reviews.view": true,
     "calendar.view": true,
+    "calendar.addEvent": true,
+    "calendar.editEvent": true,
+    "calendar.deleteEvent": true,
     "appointments.view": true,
     "appointments.confirm": true,
+    "appointments.reschedule": true,
     "appointments.cancel": true,
     "messaging": true,
     "procedures.view": true,
@@ -12860,21 +12898,37 @@ var DEFAULT_ROLE_PERMISSIONS = {
     "resources.edit": true,
     "resources.delete": true,
     "patients.view": true,
+    "patients.viewDetails": true,
+    "patients.create": true,
     "patients.edit": true,
+    "patients.manageTokens": true,
     "providers.view": true,
-    "providers.manage": true,
+    "providers.create": true,
+    "providers.invite": true,
+    "providers.edit": true,
     "analytics.view": true,
-    "staff.manage": false,
+    "staff.view": true,
+    "staff.edit": false,
+    "staff.invite": false,
+    "staff.delete": false,
+    "staff.viewTokens": false,
+    "staff.deleteTokens": false,
     "settings.manage": true,
+    "billing.view": true,
     "billing.manage": false
   },
   ["receptionist" /* RECEPTIONIST */]: {
     "clinic.view": true,
     "clinic.edit": false,
+    "clinic.create": false,
     "reviews.view": true,
     "calendar.view": true,
+    "calendar.addEvent": true,
+    "calendar.editEvent": false,
+    "calendar.deleteEvent": false,
     "appointments.view": true,
     "appointments.confirm": true,
+    "appointments.reschedule": true,
     "appointments.cancel": false,
     "messaging": true,
     "procedures.view": true,
@@ -12886,21 +12940,37 @@ var DEFAULT_ROLE_PERMISSIONS = {
     "resources.edit": false,
     "resources.delete": false,
     "patients.view": true,
+    "patients.viewDetails": true,
+    "patients.create": true,
     "patients.edit": false,
+    "patients.manageTokens": false,
     "providers.view": true,
-    "providers.manage": false,
+    "providers.create": false,
+    "providers.invite": false,
+    "providers.edit": false,
     "analytics.view": false,
-    "staff.manage": false,
+    "staff.view": false,
+    "staff.edit": false,
+    "staff.invite": false,
+    "staff.delete": false,
+    "staff.viewTokens": false,
+    "staff.deleteTokens": false,
     "settings.manage": false,
+    "billing.view": false,
     "billing.manage": false
   },
   ["assistant" /* ASSISTANT */]: {
     "clinic.view": true,
     "clinic.edit": false,
+    "clinic.create": false,
     "reviews.view": true,
     "calendar.view": true,
+    "calendar.addEvent": false,
+    "calendar.editEvent": false,
+    "calendar.deleteEvent": false,
     "appointments.view": true,
     "appointments.confirm": false,
+    "appointments.reschedule": false,
     "appointments.cancel": false,
     "messaging": false,
     "procedures.view": true,
@@ -12912,12 +12982,23 @@ var DEFAULT_ROLE_PERMISSIONS = {
     "resources.edit": false,
     "resources.delete": false,
     "patients.view": true,
+    "patients.viewDetails": false,
+    "patients.create": false,
     "patients.edit": false,
+    "patients.manageTokens": false,
     "providers.view": true,
-    "providers.manage": false,
+    "providers.create": false,
+    "providers.invite": false,
+    "providers.edit": false,
     "analytics.view": false,
-    "staff.manage": false,
+    "staff.view": false,
+    "staff.edit": false,
+    "staff.invite": false,
+    "staff.delete": false,
+    "staff.viewTokens": false,
+    "staff.deleteTokens": false,
     "settings.manage": false,
+    "billing.view": false,
     "billing.manage": false
   }
 };
@@ -13004,28 +13085,44 @@ var DEFAULT_PLAN_CONFIG = {
 var PERMISSION_LABELS = {
   "clinic.view": { label: "View Clinic", description: "See clinic information and profile", category: "Clinic" },
   "clinic.edit": { label: "Edit Clinic", description: "Modify clinic settings and profile", category: "Clinic" },
+  "clinic.create": { label: "Create Clinic", description: "Create new clinic branches", category: "Clinic" },
   "reviews.view": { label: "View Reviews", description: "See patient reviews and ratings", category: "Clinic" },
   "calendar.view": { label: "View Calendar", description: "See the clinic calendar and schedules", category: "Calendar" },
+  "calendar.addEvent": { label: "Add Events", description: "Create appointments and blocking events on the calendar", category: "Calendar" },
+  "calendar.editEvent": { label: "Edit Events", description: "Edit blocking events on the calendar", category: "Calendar" },
+  "calendar.deleteEvent": { label: "Delete Events", description: "Delete blocking events from the calendar", category: "Calendar" },
   "appointments.view": { label: "View Appointments", description: "See appointment list and details", category: "Appointments" },
-  "appointments.confirm": { label: "Confirm Appointments", description: "Confirm pending appointment requests", category: "Appointments" },
+  "appointments.confirm": { label: "Confirm Appointments", description: "Confirm, reject, check in, and manage appointment status", category: "Appointments" },
+  "appointments.reschedule": { label: "Reschedule Appointments", description: "Reschedule confirmed appointments to a new time", category: "Appointments" },
   "appointments.cancel": { label: "Cancel Appointments", description: "Cancel existing appointments", category: "Appointments" },
   "messaging": { label: "Messaging", description: "Send and receive messages with patients", category: "Messaging" },
   "procedures.view": { label: "View Procedures", description: "See the procedures catalog", category: "Procedures" },
-  "procedures.create": { label: "Create Procedures", description: "Add new procedures to the catalog", category: "Procedures" },
+  "procedures.create": { label: "Create Procedures", description: "Add new procedures and assign to practitioners", category: "Procedures" },
   "procedures.edit": { label: "Edit Procedures", description: "Modify existing procedures", category: "Procedures" },
   "procedures.delete": { label: "Delete Procedures", description: "Remove procedures from the catalog", category: "Procedures" },
   "resources.view": { label: "View Resources", description: "See clinic resources and equipment", category: "Resources" },
   "resources.create": { label: "Create Resources", description: "Add new resources", category: "Resources" },
-  "resources.edit": { label: "Edit Resources", description: "Modify existing resources", category: "Resources" },
-  "resources.delete": { label: "Delete Resources", description: "Remove resources", category: "Resources" },
-  "patients.view": { label: "View Patients", description: "See patient list and profiles", category: "Patients" },
-  "patients.edit": { label: "Edit Patients", description: "Modify patient records", category: "Patients" },
+  "resources.edit": { label: "Edit Resources", description: "Modify existing resources and activate instances", category: "Resources" },
+  "resources.delete": { label: "Delete Resources", description: "Deactivate resources and delete instances", category: "Resources" },
+  "patients.view": { label: "View Patients", description: "See patient list", category: "Patients" },
+  "patients.viewDetails": { label: "View Patient Details", description: "Open patient file and detailed profile", category: "Patients" },
+  "patients.create": { label: "Create Patients", description: "Add new patients", category: "Patients" },
+  "patients.edit": { label: "Edit Patients", description: "Modify patient records and schedule appointments", category: "Patients" },
+  "patients.manageTokens": { label: "Manage Patient Tokens", description: "Create and manage patient invitation tokens", category: "Patients" },
   "providers.view": { label: "View Providers", description: "See the practitioners/providers list", category: "Providers" },
-  "providers.manage": { label: "Manage Providers", description: "Add, edit, or remove providers", category: "Providers" },
+  "providers.create": { label: "Create Providers", description: "Add new practitioners to the clinic", category: "Providers" },
+  "providers.invite": { label: "Invite Providers", description: "Invite existing practitioners to the clinic", category: "Providers" },
+  "providers.edit": { label: "Edit Providers", description: "Edit practitioner profiles and manage tokens", category: "Providers" },
   "analytics.view": { label: "View Analytics", description: "Access analytics dashboards and reports", category: "Analytics" },
-  "staff.manage": { label: "Manage Staff", description: "Add, remove, and assign roles to staff", category: "Administration" },
+  "staff.view": { label: "View Staff", description: "See staff management page and team members", category: "Staff Management" },
+  "staff.edit": { label: "Edit Staff", description: "Edit roles, permissions, and clinic assignments", category: "Staff Management" },
+  "staff.invite": { label: "Invite Staff", description: "Invite new team members", category: "Staff Management" },
+  "staff.delete": { label: "Delete Staff", description: "Remove team members and cancel invitations", category: "Staff Management" },
+  "staff.viewTokens": { label: "View Tokens", description: "See registration tokens", category: "Staff Management" },
+  "staff.deleteTokens": { label: "Delete Tokens", description: "Delete registration tokens", category: "Staff Management" },
   "settings.manage": { label: "Manage Settings", description: "Modify clinic group settings", category: "Administration" },
-  "billing.manage": { label: "Manage Billing", description: "Access billing, subscriptions, and payments", category: "Administration" }
+  "billing.view": { label: "View Billing", description: "View subscription plans and billing history", category: "Administration" },
+  "billing.manage": { label: "Manage Billing", description: "Manage subscriptions, upgrades, and payments", category: "Administration" }
 };
 var PERMISSION_CATEGORIES = [
   "Clinic",
@@ -13037,6 +13134,7 @@ var PERMISSION_CATEGORIES = [
   "Patients",
   "Providers",
   "Analytics",
+  "Staff Management",
   "Administration"
 ];
 var TIER_MAP = {

package/dist/index.mjs

@@ -12753,14 +12753,20 @@ import {
 
 // src/config/tiers.config.ts
 var PERMISSION_KEYS = {
-  // Listing & profile
+  // Clinic
   "clinic.view": true,
   "clinic.edit": true,
+  "clinic.create": true,
   "reviews.view": true,
-  // Calendar & Appointments
+  // Calendar
   "calendar.view": true,
+  "calendar.addEvent": true,
+  "calendar.editEvent": true,
+  "calendar.deleteEvent": true,
+  // Appointments
   "appointments.view": true,
   "appointments.confirm": true,
+  "appointments.reschedule": true,
   "appointments.cancel": true,
   // Messaging
   "messaging": true,
@@ -12776,16 +12782,27 @@ var PERMISSION_KEYS = {
   "resources.delete": true,
   // Patients
   "patients.view": true,
+  "patients.viewDetails": true,
+  "patients.create": true,
   "patients.edit": true,
+  "patients.manageTokens": true,
   // Providers (doctors, nurses, laser assistants, etc.)
   "providers.view": true,
-  "providers.manage": true,
+  "providers.create": true,
+  "providers.invite": true,
+  "providers.edit": true,
   // Analytics
   "analytics.view": true,
   // Staff management
-  "staff.manage": true,
+  "staff.view": true,
+  "staff.edit": true,
+  "staff.invite": true,
+  "staff.delete": true,
+  "staff.viewTokens": true,
+  "staff.deleteTokens": true,
   // Settings / Admin
   "settings.manage": true,
+  "billing.view": true,
   "billing.manage": true
 };
 var TIER_CONFIG = {
@@ -12821,10 +12838,15 @@ var DEFAULT_ROLE_PERMISSIONS = {
   ["owner" /* OWNER */]: {
     "clinic.view": true,
     "clinic.edit": true,
+    "clinic.create": true,
     "reviews.view": true,
     "calendar.view": true,
+    "calendar.addEvent": true,
+    "calendar.editEvent": true,
+    "calendar.deleteEvent": true,
     "appointments.view": true,
     "appointments.confirm": true,
+    "appointments.reschedule": true,
     "appointments.cancel": true,
     "messaging": true,
     "procedures.view": true,
@@ -12836,21 +12858,37 @@ var DEFAULT_ROLE_PERMISSIONS = {
     "resources.edit": true,
     "resources.delete": true,
     "patients.view": true,
+    "patients.viewDetails": true,
+    "patients.create": true,
     "patients.edit": true,
+    "patients.manageTokens": true,
     "providers.view": true,
-    "providers.manage": true,
+    "providers.create": true,
+    "providers.invite": true,
+    "providers.edit": true,
     "analytics.view": true,
-    "staff.manage": true,
+    "staff.view": true,
+    "staff.edit": true,
+    "staff.invite": true,
+    "staff.delete": true,
+    "staff.viewTokens": true,
+    "staff.deleteTokens": true,
     "settings.manage": true,
+    "billing.view": true,
     "billing.manage": true
   },
   ["admin" /* ADMIN */]: {
     "clinic.view": true,
     "clinic.edit": true,
+    "clinic.create": false,
     "reviews.view": true,
     "calendar.view": true,
+    "calendar.addEvent": true,
+    "calendar.editEvent": true,
+    "calendar.deleteEvent": true,
     "appointments.view": true,
     "appointments.confirm": true,
+    "appointments.reschedule": true,
     "appointments.cancel": true,
     "messaging": true,
     "procedures.view": true,
@@ -12862,21 +12900,37 @@ var DEFAULT_ROLE_PERMISSIONS = {
     "resources.edit": true,
     "resources.delete": true,
     "patients.view": true,
+    "patients.viewDetails": true,
+    "patients.create": true,
     "patients.edit": true,
+    "patients.manageTokens": true,
     "providers.view": true,
-    "providers.manage": true,
+    "providers.create": true,
+    "providers.invite": true,
+    "providers.edit": true,
     "analytics.view": true,
-    "staff.manage": false,
+    "staff.view": true,
+    "staff.edit": false,
+    "staff.invite": false,
+    "staff.delete": false,
+    "staff.viewTokens": false,
+    "staff.deleteTokens": false,
     "settings.manage": true,
+    "billing.view": true,
     "billing.manage": false
   },
   ["receptionist" /* RECEPTIONIST */]: {
     "clinic.view": true,
     "clinic.edit": false,
+    "clinic.create": false,
     "reviews.view": true,
     "calendar.view": true,
+    "calendar.addEvent": true,
+    "calendar.editEvent": false,
+    "calendar.deleteEvent": false,
     "appointments.view": true,
     "appointments.confirm": true,
+    "appointments.reschedule": true,
     "appointments.cancel": false,
     "messaging": true,
     "procedures.view": true,
@@ -12888,21 +12942,37 @@ var DEFAULT_ROLE_PERMISSIONS = {
     "resources.edit": false,
     "resources.delete": false,
     "patients.view": true,
+    "patients.viewDetails": true,
+    "patients.create": true,
     "patients.edit": false,
+    "patients.manageTokens": false,
     "providers.view": true,
-    "providers.manage": false,
+    "providers.create": false,
+    "providers.invite": false,
+    "providers.edit": false,
     "analytics.view": false,
-    "staff.manage": false,
+    "staff.view": false,
+    "staff.edit": false,
+    "staff.invite": false,
+    "staff.delete": false,
+    "staff.viewTokens": false,
+    "staff.deleteTokens": false,
     "settings.manage": false,
+    "billing.view": false,
     "billing.manage": false
   },
   ["assistant" /* ASSISTANT */]: {
     "clinic.view": true,
     "clinic.edit": false,
+    "clinic.create": false,
     "reviews.view": true,
     "calendar.view": true,
+    "calendar.addEvent": false,
+    "calendar.editEvent": false,
+    "calendar.deleteEvent": false,
     "appointments.view": true,
     "appointments.confirm": false,
+    "appointments.reschedule": false,
     "appointments.cancel": false,
     "messaging": false,
     "procedures.view": true,
@@ -12914,12 +12984,23 @@ var DEFAULT_ROLE_PERMISSIONS = {
     "resources.edit": false,
     "resources.delete": false,
     "patients.view": true,
+    "patients.viewDetails": false,
+    "patients.create": false,
     "patients.edit": false,
+    "patients.manageTokens": false,
     "providers.view": true,
-    "providers.manage": false,
+    "providers.create": false,
+    "providers.invite": false,
+    "providers.edit": false,
     "analytics.view": false,
-    "staff.manage": false,
+    "staff.view": false,
+    "staff.edit": false,
+    "staff.invite": false,
+    "staff.delete": false,
+    "staff.viewTokens": false,
+    "staff.deleteTokens": false,
     "settings.manage": false,
+    "billing.view": false,
     "billing.manage": false
   }
 };
@@ -13006,28 +13087,44 @@ var DEFAULT_PLAN_CONFIG = {
 var PERMISSION_LABELS = {
   "clinic.view": { label: "View Clinic", description: "See clinic information and profile", category: "Clinic" },
   "clinic.edit": { label: "Edit Clinic", description: "Modify clinic settings and profile", category: "Clinic" },
+  "clinic.create": { label: "Create Clinic", description: "Create new clinic branches", category: "Clinic" },
   "reviews.view": { label: "View Reviews", description: "See patient reviews and ratings", category: "Clinic" },
   "calendar.view": { label: "View Calendar", description: "See the clinic calendar and schedules", category: "Calendar" },
+  "calendar.addEvent": { label: "Add Events", description: "Create appointments and blocking events on the calendar", category: "Calendar" },
+  "calendar.editEvent": { label: "Edit Events", description: "Edit blocking events on the calendar", category: "Calendar" },
+  "calendar.deleteEvent": { label: "Delete Events", description: "Delete blocking events from the calendar", category: "Calendar" },
   "appointments.view": { label: "View Appointments", description: "See appointment list and details", category: "Appointments" },
-  "appointments.confirm": { label: "Confirm Appointments", description: "Confirm pending appointment requests", category: "Appointments" },
+  "appointments.confirm": { label: "Confirm Appointments", description: "Confirm, reject, check in, and manage appointment status", category: "Appointments" },
+  "appointments.reschedule": { label: "Reschedule Appointments", description: "Reschedule confirmed appointments to a new time", category: "Appointments" },
   "appointments.cancel": { label: "Cancel Appointments", description: "Cancel existing appointments", category: "Appointments" },
   "messaging": { label: "Messaging", description: "Send and receive messages with patients", category: "Messaging" },
   "procedures.view": { label: "View Procedures", description: "See the procedures catalog", category: "Procedures" },
-  "procedures.create": { label: "Create Procedures", description: "Add new procedures to the catalog", category: "Procedures" },
+  "procedures.create": { label: "Create Procedures", description: "Add new procedures and assign to practitioners", category: "Procedures" },
   "procedures.edit": { label: "Edit Procedures", description: "Modify existing procedures", category: "Procedures" },
   "procedures.delete": { label: "Delete Procedures", description: "Remove procedures from the catalog", category: "Procedures" },
   "resources.view": { label: "View Resources", description: "See clinic resources and equipment", category: "Resources" },
   "resources.create": { label: "Create Resources", description: "Add new resources", category: "Resources" },
-  "resources.edit": { label: "Edit Resources", description: "Modify existing resources", category: "Resources" },
-  "resources.delete": { label: "Delete Resources", description: "Remove resources", category: "Resources" },
-  "patients.view": { label: "View Patients", description: "See patient list and profiles", category: "Patients" },
-  "patients.edit": { label: "Edit Patients", description: "Modify patient records", category: "Patients" },
+  "resources.edit": { label: "Edit Resources", description: "Modify existing resources and activate instances", category: "Resources" },
+  "resources.delete": { label: "Delete Resources", description: "Deactivate resources and delete instances", category: "Resources" },
+  "patients.view": { label: "View Patients", description: "See patient list", category: "Patients" },
+  "patients.viewDetails": { label: "View Patient Details", description: "Open patient file and detailed profile", category: "Patients" },
+  "patients.create": { label: "Create Patients", description: "Add new patients", category: "Patients" },
+  "patients.edit": { label: "Edit Patients", description: "Modify patient records and schedule appointments", category: "Patients" },
+  "patients.manageTokens": { label: "Manage Patient Tokens", description: "Create and manage patient invitation tokens", category: "Patients" },
   "providers.view": { label: "View Providers", description: "See the practitioners/providers list", category: "Providers" },
-  "providers.manage": { label: "Manage Providers", description: "Add, edit, or remove providers", category: "Providers" },
+  "providers.create": { label: "Create Providers", description: "Add new practitioners to the clinic", category: "Providers" },
+  "providers.invite": { label: "Invite Providers", description: "Invite existing practitioners to the clinic", category: "Providers" },
+  "providers.edit": { label: "Edit Providers", description: "Edit practitioner profiles and manage tokens", category: "Providers" },
   "analytics.view": { label: "View Analytics", description: "Access analytics dashboards and reports", category: "Analytics" },
-  "staff.manage": { label: "Manage Staff", description: "Add, remove, and assign roles to staff", category: "Administration" },
+  "staff.view": { label: "View Staff", description: "See staff management page and team members", category: "Staff Management" },
+  "staff.edit": { label: "Edit Staff", description: "Edit roles, permissions, and clinic assignments", category: "Staff Management" },
+  "staff.invite": { label: "Invite Staff", description: "Invite new team members", category: "Staff Management" },
+  "staff.delete": { label: "Delete Staff", description: "Remove team members and cancel invitations", category: "Staff Management" },
+  "staff.viewTokens": { label: "View Tokens", description: "See registration tokens", category: "Staff Management" },
+  "staff.deleteTokens": { label: "Delete Tokens", description: "Delete registration tokens", category: "Staff Management" },
   "settings.manage": { label: "Manage Settings", description: "Modify clinic group settings", category: "Administration" },
-  "billing.manage": { label: "Manage Billing", description: "Access billing, subscriptions, and payments", category: "Administration" }
+  "billing.view": { label: "View Billing", description: "View subscription plans and billing history", category: "Administration" },
+  "billing.manage": { label: "Manage Billing", description: "Manage subscriptions, upgrades, and payments", category: "Administration" }
 };
 var PERMISSION_CATEGORIES = [
   "Clinic",
@@ -13039,6 +13136,7 @@ var PERMISSION_CATEGORIES = [
   "Patients",
   "Providers",
   "Analytics",
+  "Staff Management",
   "Administration"
 ];
 var TIER_MAP = {

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@blackcode_sa/metaestetics-api",
   "private": false,
-  "version": "1.15.17-staging.8",
+  "version": "1.15.17-staging.9",
   "description": "Firebase authentication service with anonymous upgrade support",
   "main": "dist/index.js",
   "module": "dist/index.mjs",

package/src/config/tiers.config.ts

@@ -8,17 +8,30 @@ import type { PlanConfigDocument } from '../types/system/planConfig.types';
  * what a given role (owner/admin/receptionist/assistant) can do.
  * New roles can be added by extending the ClinicRole enum and adding
  * a corresponding entry here.
+ *
+ * v2 (2026-03-31): Expanded from 23 to 40 permissions.
+ *   - providers.manage → providers.create, providers.invite, providers.edit
+ *   - staff.manage → staff.view, staff.edit, staff.invite, staff.delete, staff.viewTokens, staff.deleteTokens
+ *   - Added: clinic.create, calendar.addEvent, calendar.editEvent, calendar.deleteEvent,
+ *     appointments.reschedule, patients.viewDetails, patients.create, patients.manageTokens, billing.view
  */
 export const PERMISSION_KEYS = {
-  // Listing & profile
+  // Clinic
   'clinic.view': true,
   'clinic.edit': true,
+  'clinic.create': true,
   'reviews.view': true,
 
-  // Calendar & Appointments
+  // Calendar
   'calendar.view': true,
+  'calendar.addEvent': true,
+  'calendar.editEvent': true,
+  'calendar.deleteEvent': true,
+
+  // Appointments
   'appointments.view': true,
   'appointments.confirm': true,
+  'appointments.reschedule': true,
   'appointments.cancel': true,
 
   // Messaging
@@ -38,20 +51,31 @@ export const PERMISSION_KEYS = {
 
   // Patients
   'patients.view': true,
+  'patients.viewDetails': true,
+  'patients.create': true,
   'patients.edit': true,
+  'patients.manageTokens': true,
 
   // Providers (doctors, nurses, laser assistants, etc.)
   'providers.view': true,
-  'providers.manage': true,
+  'providers.create': true,
+  'providers.invite': true,
+  'providers.edit': true,
 
   // Analytics
   'analytics.view': true,
 
   // Staff management
-  'staff.manage': true,
+  'staff.view': true,
+  'staff.edit': true,
+  'staff.invite': true,
+  'staff.delete': true,
+  'staff.viewTokens': true,
+  'staff.deleteTokens': true,
 
   // Settings / Admin
   'settings.manage': true,
+  'billing.view': true,
   'billing.manage': true,
 } as const;
 
@@ -110,10 +134,15 @@ export const DEFAULT_ROLE_PERMISSIONS: Record<ClinicRole, Record<string, boolean
   [ClinicRole.OWNER]: {
     'clinic.view': true,
     'clinic.edit': true,
+    'clinic.create': true,
     'reviews.view': true,
     'calendar.view': true,
+    'calendar.addEvent': true,
+    'calendar.editEvent': true,
+    'calendar.deleteEvent': true,
     'appointments.view': true,
     'appointments.confirm': true,
+    'appointments.reschedule': true,
     'appointments.cancel': true,
     'messaging': true,
     'procedures.view': true,
@@ -125,21 +154,37 @@ export const DEFAULT_ROLE_PERMISSIONS: Record<ClinicRole, Record<string, boolean
     'resources.edit': true,
     'resources.delete': true,
     'patients.view': true,
+    'patients.viewDetails': true,
+    'patients.create': true,
     'patients.edit': true,
+    'patients.manageTokens': true,
     'providers.view': true,
-    'providers.manage': true,
+    'providers.create': true,
+    'providers.invite': true,
+    'providers.edit': true,
     'analytics.view': true,
-    'staff.manage': true,
+    'staff.view': true,
+    'staff.edit': true,
+    'staff.invite': true,
+    'staff.delete': true,
+    'staff.viewTokens': true,
+    'staff.deleteTokens': true,
     'settings.manage': true,
+    'billing.view': true,
     'billing.manage': true,
   },
   [ClinicRole.ADMIN]: {
     'clinic.view': true,
     'clinic.edit': true,
+    'clinic.create': false,
     'reviews.view': true,
     'calendar.view': true,
+    'calendar.addEvent': true,
+    'calendar.editEvent': true,
+    'calendar.deleteEvent': true,
     'appointments.view': true,
     'appointments.confirm': true,
+    'appointments.reschedule': true,
     'appointments.cancel': true,
     'messaging': true,
     'procedures.view': true,
@@ -151,21 +196,37 @@ export const DEFAULT_ROLE_PERMISSIONS: Record<ClinicRole, Record<string, boolean
     'resources.edit': true,
     'resources.delete': true,
     'patients.view': true,
+    'patients.viewDetails': true,
+    'patients.create': true,
     'patients.edit': true,
+    'patients.manageTokens': true,
     'providers.view': true,
-    'providers.manage': true,
+    'providers.create': true,
+    'providers.invite': true,
+    'providers.edit': true,
     'analytics.view': true,
-    'staff.manage': false,
+    'staff.view': true,
+    'staff.edit': false,
+    'staff.invite': false,
+    'staff.delete': false,
+    'staff.viewTokens': false,
+    'staff.deleteTokens': false,
     'settings.manage': true,
+    'billing.view': true,
     'billing.manage': false,
   },
   [ClinicRole.RECEPTIONIST]: {
     'clinic.view': true,
     'clinic.edit': false,
+    'clinic.create': false,
     'reviews.view': true,
     'calendar.view': true,
+    'calendar.addEvent': true,
+    'calendar.editEvent': false,
+    'calendar.deleteEvent': false,
     'appointments.view': true,
     'appointments.confirm': true,
+    'appointments.reschedule': true,
     'appointments.cancel': false,
     'messaging': true,
     'procedures.view': true,
@@ -177,21 +238,37 @@ export const DEFAULT_ROLE_PERMISSIONS: Record<ClinicRole, Record<string, boolean
     'resources.edit': false,
     'resources.delete': false,
     'patients.view': true,
+    'patients.viewDetails': true,
+    'patients.create': true,
     'patients.edit': false,
+    'patients.manageTokens': false,
     'providers.view': true,
-    'providers.manage': false,
+    'providers.create': false,
+    'providers.invite': false,
+    'providers.edit': false,
     'analytics.view': false,
-    'staff.manage': false,
+    'staff.view': false,
+    'staff.edit': false,
+    'staff.invite': false,
+    'staff.delete': false,
+    'staff.viewTokens': false,
+    'staff.deleteTokens': false,
     'settings.manage': false,
+    'billing.view': false,
     'billing.manage': false,
   },
   [ClinicRole.ASSISTANT]: {
     'clinic.view': true,
     'clinic.edit': false,
+    'clinic.create': false,
     'reviews.view': true,
     'calendar.view': true,
+    'calendar.addEvent': false,
+    'calendar.editEvent': false,
+    'calendar.deleteEvent': false,
     'appointments.view': true,
     'appointments.confirm': false,
+    'appointments.reschedule': false,
     'appointments.cancel': false,
     'messaging': false,
     'procedures.view': true,
@@ -203,12 +280,23 @@ export const DEFAULT_ROLE_PERMISSIONS: Record<ClinicRole, Record<string, boolean
     'resources.edit': false,
     'resources.delete': false,
     'patients.view': true,
+    'patients.viewDetails': false,
+    'patients.create': false,
     'patients.edit': false,
+    'patients.manageTokens': false,
     'providers.view': true,
-    'providers.manage': false,
+    'providers.create': false,
+    'providers.invite': false,
+    'providers.edit': false,
     'analytics.view': false,
-    'staff.manage': false,
+    'staff.view': false,
+    'staff.edit': false,
+    'staff.invite': false,
+    'staff.delete': false,
+    'staff.viewTokens': false,
+    'staff.deleteTokens': false,
     'settings.manage': false,
+    'billing.view': false,
     'billing.manage': false,
   },
 };
@@ -312,28 +400,44 @@ export const PERMISSION_LABELS: Record<
 > = {
   'clinic.view': { label: 'View Clinic', description: 'See clinic information and profile', category: 'Clinic' },
   'clinic.edit': { label: 'Edit Clinic', description: 'Modify clinic settings and profile', category: 'Clinic' },
+  'clinic.create': { label: 'Create Clinic', description: 'Create new clinic branches', category: 'Clinic' },
   'reviews.view': { label: 'View Reviews', description: 'See patient reviews and ratings', category: 'Clinic' },
   'calendar.view': { label: 'View Calendar', description: 'See the clinic calendar and schedules', category: 'Calendar' },
+  'calendar.addEvent': { label: 'Add Events', description: 'Create appointments and blocking events on the calendar', category: 'Calendar' },
+  'calendar.editEvent': { label: 'Edit Events', description: 'Edit blocking events on the calendar', category: 'Calendar' },
+  'calendar.deleteEvent': { label: 'Delete Events', description: 'Delete blocking events from the calendar', category: 'Calendar' },
   'appointments.view': { label: 'View Appointments', description: 'See appointment list and details', category: 'Appointments' },
-  'appointments.confirm': { label: 'Confirm Appointments', description: 'Confirm pending appointment requests', category: 'Appointments' },
+  'appointments.confirm': { label: 'Confirm Appointments', description: 'Confirm, reject, check in, and manage appointment status', category: 'Appointments' },
+  'appointments.reschedule': { label: 'Reschedule Appointments', description: 'Reschedule confirmed appointments to a new time', category: 'Appointments' },
   'appointments.cancel': { label: 'Cancel Appointments', description: 'Cancel existing appointments', category: 'Appointments' },
   'messaging': { label: 'Messaging', description: 'Send and receive messages with patients', category: 'Messaging' },
   'procedures.view': { label: 'View Procedures', description: 'See the procedures catalog', category: 'Procedures' },
-  'procedures.create': { label: 'Create Procedures', description: 'Add new procedures to the catalog', category: 'Procedures' },
+  'procedures.create': { label: 'Create Procedures', description: 'Add new procedures and assign to practitioners', category: 'Procedures' },
   'procedures.edit': { label: 'Edit Procedures', description: 'Modify existing procedures', category: 'Procedures' },
   'procedures.delete': { label: 'Delete Procedures', description: 'Remove procedures from the catalog', category: 'Procedures' },
   'resources.view': { label: 'View Resources', description: 'See clinic resources and equipment', category: 'Resources' },
   'resources.create': { label: 'Create Resources', description: 'Add new resources', category: 'Resources' },
-  'resources.edit': { label: 'Edit Resources', description: 'Modify existing resources', category: 'Resources' },
-  'resources.delete': { label: 'Delete Resources', description: 'Remove resources', category: 'Resources' },
-  'patients.view': { label: 'View Patients', description: 'See patient list and profiles', category: 'Patients' },
-  'patients.edit': { label: 'Edit Patients', description: 'Modify patient records', category: 'Patients' },
+  'resources.edit': { label: 'Edit Resources', description: 'Modify existing resources and activate instances', category: 'Resources' },
+  'resources.delete': { label: 'Delete Resources', description: 'Deactivate resources and delete instances', category: 'Resources' },
+  'patients.view': { label: 'View Patients', description: 'See patient list', category: 'Patients' },
+  'patients.viewDetails': { label: 'View Patient Details', description: 'Open patient file and detailed profile', category: 'Patients' },
+  'patients.create': { label: 'Create Patients', description: 'Add new patients', category: 'Patients' },
+  'patients.edit': { label: 'Edit Patients', description: 'Modify patient records and schedule appointments', category: 'Patients' },
+  'patients.manageTokens': { label: 'Manage Patient Tokens', description: 'Create and manage patient invitation tokens', category: 'Patients' },
   'providers.view': { label: 'View Providers', description: 'See the practitioners/providers list', category: 'Providers' },
-  'providers.manage': { label: 'Manage Providers', description: 'Add, edit, or remove providers', category: 'Providers' },
+  'providers.create': { label: 'Create Providers', description: 'Add new practitioners to the clinic', category: 'Providers' },
+  'providers.invite': { label: 'Invite Providers', description: 'Invite existing practitioners to the clinic', category: 'Providers' },
+  'providers.edit': { label: 'Edit Providers', description: 'Edit practitioner profiles and manage tokens', category: 'Providers' },
   'analytics.view': { label: 'View Analytics', description: 'Access analytics dashboards and reports', category: 'Analytics' },
-  'staff.manage': { label: 'Manage Staff', description: 'Add, remove, and assign roles to staff', category: 'Administration' },
+  'staff.view': { label: 'View Staff', description: 'See staff management page and team members', category: 'Staff Management' },
+  'staff.edit': { label: 'Edit Staff', description: 'Edit roles, permissions, and clinic assignments', category: 'Staff Management' },
+  'staff.invite': { label: 'Invite Staff', description: 'Invite new team members', category: 'Staff Management' },
+  'staff.delete': { label: 'Delete Staff', description: 'Remove team members and cancel invitations', category: 'Staff Management' },
+  'staff.viewTokens': { label: 'View Tokens', description: 'See registration tokens', category: 'Staff Management' },
+  'staff.deleteTokens': { label: 'Delete Tokens', description: 'Delete registration tokens', category: 'Staff Management' },
   'settings.manage': { label: 'Manage Settings', description: 'Modify clinic group settings', category: 'Administration' },
-  'billing.manage': { label: 'Manage Billing', description: 'Access billing, subscriptions, and payments', category: 'Administration' },
+  'billing.view': { label: 'View Billing', description: 'View subscription plans and billing history', category: 'Administration' },
+  'billing.manage': { label: 'Manage Billing', description: 'Manage subscriptions, upgrades, and payments', category: 'Administration' },
 };
 
 /** All unique permission categories in display order. */
@@ -347,6 +451,7 @@ export const PERMISSION_CATEGORIES = [
   'Patients',
   'Providers',
   'Analytics',
+  'Staff Management',
   'Administration',
 ] as const;